Hi ! I am looking for some recommendations regarding enabling mpls ip in core network. We have a standard service policy that classifies/tags packets based on port number ie. Citrix 1494 etc. This service-policy does not work when we mpls enable the interfaces because of the tag and is expected behaviour. Our main usage for MPLS will be to transport VPN's. To overcome the service-policy problem myy suggestion has therefore been to add some filtering that only allows mpls tagged traffic between BGP-MP peers with the following commands:
no mpls ldp advertise-lables
mpls ldp advertise-lables for acl_BGP_PEERS
I have tested this in lab and it work great but has to be added on every mpls enabled router in the network. Do you have any better suggestions or see any problems that this could cause ? I also read that its best practice to not enable MPLS for the whole core in a customer network as it doubles the memory usage for routing tables etc. What do you think ?
Check out our latest release on Cisco Routed Optical Networking solution. Listen: https://smarturl.it/CCRS8E24Follow us: https://twitter.com/ciscochampion Disruptive network transformation may only happen once a decade. First movers c...
BGP flowspec in a nutshell is a feature that will allow you to receive IPv4/IPv6 traffic flow specification (source X, destination Y, protocol UDP, source port A .. etc) and actions that need to be taken on that traffic (drop, or polic...
In EVPN A/A + IRB both PE in same EVI have BVI playing a default GW role. Its not supported to have BVI to be shutdown on one of PEs, In this case if if traffic hit this PE with DMAc equal to BVI Custom MAC, then it will drop this traffic du...
Crosswork Cloud - Crosswork Traffic Analysis - FAQ
Crosswork Cloud - Crosswork Traffic Analysis is a Cloud-hosted Software as a Service platform that provides Netflow based Traffic Analytics. The Crosswork Traffic Analysis platform Traffic Analysis, Peeri...
Cisco Champion Radio · S8|E9 Innovations to Achieve a Trustworthy Infrastructure
How do you know for certain that a router in your network has not been altered with since you deployed it? Wouldn’t it be great if you can cryptographically challenge your r...